Note : mysql_real_escape_string() does not escape % and _ .
Exemple 1 . mysql_real_escape_string( ) example